• Proceedings of the Korean Society of Computer Information Conference
• /
• 2024.01a
• /
• pp.101-103
• /
• 2024

본 논문에서는 잊혀질 권리에 대한 법제도 및 법정책적 검토를 논하고자 한다. 잊혀질 권리는 알권리, 표현의 자유 등 다른 기본권과 충돌할 수밖에 없기 때문에 이 권리를 법률로 구체화하는데 다각적인 학제 간 연구가 선결문제로써 검토되어야 한다. 정보 주체에게 잊혀질 권리를 법제화하는 것은 그 정보를 사용하려는 사람의 표현의 자유를 제한하는 결과를 초래하기 때문에 일정한 한계를 노출할 수밖에 없다. 현행 개인정보 보호법, 정보통신망 이용촉진 및 정보보호 등에 관한 법률 등에서 개인정보의 파기제도를 신설하여 부분적으로 잊혀질 권리를 반영하고 있지만 헌법상 중요한 가치인 잊혀질 권리와 알권리 및 표현의 자유에 대해 조화롭게 균형을 찾는 것이 선행과제인 것이다.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2015.07a
• /
• pp.121-123
• /
• 2015

본 논문에서는 잊혀질 권리에 대한 법정책적 검토를 논하고자 한다. 잊혀질 권리는 다른 기본권과 충돌할 수밖에 없기 때문에 이 권리를 법률로 구체화하는데 다각적인 학제 간 연구가 선결문제로써 검토되어야 한다. 정보 주체에게 잊혀질 권리를 법제화하는 것은 그 정보를 사용하려는 사람의 표현의 자유 및 국민의 알권리를 제한하는 결과를 초래하기 때문에 일정한 한계를 노출할 수밖에 없다. 비록 현행 개인정보보호법 및 정보통신망 이용촉진 및 정보보호 등에 관한 법률 제44조의 2는 개인정보의 파기제도를 신설하여 부분적으로 잊혀질 권리를 반영하고 있지만 헌법상 중요한 가치인 프라이버시권과 표현의 자유 및 알권리의 조화롭게 균형을 찾는 것이 선행과제인 것이다.

• Journal of Convergence Society for SMB
• /
• v.6 no.2
• /
• pp.25-30
• /
• 2016

Personal Information Protection Act does not apply to certain personal information processings and personal information management as well as the data subject's right to access to their personal information collected by public authorities pursuant to Statistics Act. Such exclusion may lead to problems such as misuse and mishandling of personal information by data controllers as well as infringement upon the data subejct's right to control over their personal information. This study is to find solutions to the above problems, considering the public interests of statistics and the facilitation of the collection and the use of statistics. Ultimately, the study is to suggest recommendations for the Personal Information Protection Act to ensure the data subject's rights to request access and rectification as well as safe management of the collected personal information.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.87-92
• /
• 2012

In the early 2012, European Union proposed new legal framework, including the right to be forgotten, for the protection of personal data. The new Proposal articulates kind of sweeping new privacy right and there has been debates on its potential threat to free speech in the digital age. While the situation is similar in Korea, I want to introduce the right to be forgotten in the Proposal. Then, I will analyze current legal system in Korea regarding the new privacy right and suggest some guidelines in searching direction for the coming legislation with respect to the right to be forgotten. The right to be forgotten should not have been promulgated without considering fully its effect on the free speech, especially in the society where the voice toward direct democracy or movement toward participation of the citizen, mainly through cyber space or Social Network Services, has risen much higher in Korea. Especially, the new right seems not to cover the control of data subject on a third party where the third party expressing his opinion by posting himself other's personal data on his blog or others.

• Proceedings of the Korean Society for Information Management Conference
• /
• 1996.08a
• /
• pp.97-100
• /
• 1996

정보전달매체가 발달된 오늘날에 있어서도 시각장애인은 각종 정보와 문화적 혜택으로부터 소외되고 있는것이 사실이다. 특히 도서관은 시각장애인에게도 주체적 삶의 의지, 공부할 권리, 알권리를 제공해 주어야 할 의무가 있다. 지금까지의 선행 연구들은 시각장애인 정보봉사를 도서관 쪽으로만 국한시키고 있으나 시각장애인 정보봉사는 국가와 사회의 관심하에 도서관, 매스미디어, 맹인복지기관, 특수맹학교 그리고 멀티미디어 신기술을 활용하여 전개되어야 하며 이를 위한 체계적인 연구가 필요하다.

• Smart Media Journal
• /
• v.10 no.2
• /
• pp.84-91
• /
• 2021

In the EU GDPR, when collecting personal information, the right of the information subject(user) to consent or refuse is given the highest priority. Therefore, the information subject must be able to withdraw consent and be forgotten and claim the right at any time. Especially, restricted IoT devices(Constrained Node) implement the function of consent of the data subject regarding the collection and processing of privacy data, and it is very difficult to post the utilization content of the collected information. In this paper, we designed and implemented a management system that allows data subjects to monitor data collected and processed from IoT devices, recognize information leakage problems, connect, and control devices. Taking into account the common information of the standard OCF(Open Connectivity Foundation) of IoT devices and AllJoyn, a device connection framework, 10 meta-data for information protection were defined, and this was named DPD (Data Protection Descriptor). we developed DPM (Data Protection Manager), a software that allows information subjects to manage information based on DPD.

• Informatization Policy
• /
• v.25 no.2
• /
• pp.84-96
• /
• 2018

The right to be forgotten means the right of people to request information and communication providers to delete their information online. As the number of people asking for deletion of their past embarrassing or negative online activities is increasing, discussions are being raised on the introduction of the right to be forgotten in South Korea. However, previous research on the right to be forgotten mainly deals with the legal concept, with insufficient consideration of economic value. The main purpose of this research is to examine social perception towards the right to be forgotten and to estimate its economic value quantitatively. According to the results, there are concerns about disclosure of personal information, but with lack of awareness on the right to be forgotten. The monthly average amount that a person is willing to pay to be forgotten is 1,218 Korean won (11 US dollars) and the total economic value is estimated to be about 540 billion won (490 million dollars) per year in 2017. Especially, those who have experienced leakage of personal information put higher value to the right to be forgotten. These results can be useful for making decisions about the right to be forgotten in the future.

• Convergence Security Journal
• /
• v.22 no.4
• /
• pp.109-118
• /
• 2022

Countries around the world have recognized the importance of personal information protection and have discussed protecting the rights of data subjects in various forms such as laws, regulations, and guidelines. PbD (Privacy by Design) is one of the concepts that are commonly emphasized as a precautionary measure for the protection of personal information, and it is starting to attract attention as an essential element for protecting the privacy of information subjects. However, the concept of PbD to prioritize individual privacy in system development or service operation in advance is still only at the declarative level, so there is relatively little discussion on specific methods to implement it. Therefore, this study discusses which principles and rights should be prioritized to implement PbD based on the basic principles of GDPR and the rights of data subjects. This study is meaningful in that it suggests a plan for the practical implementation of PbD by presenting the privacy considerations that should be prioritized when developing systems or services in the domestic environment.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2017.07a
• /
• pp.180-183
• /
• 2017

우리나라 민법 제3조는 "사람은 생존하는 동안 권리와 의무의 주체가 된다"고 규정하고 있다. 이것은 출생이라는 근거에 의하여 자연인이 됨과 동시에 출생자에게 권리능력이 발생한다는 것을 의미하며, 또한 출생 전에는 태아는 권리능력이 없다는 의미로도 볼 수 있다. 그러나 이 원칙을 그대로 적용하면 태아 대한 불이익과 불평등은 필연적으로 우리사회의 법감정에도 반하는 것이 되기 때문에 여러 나라에서는 태아에게 미치게 되는 부분을 제대로 바로잡기 위하여 특별한 규정을 두고 있다. 이에 대해 우리나라도 태아에게 이롭지 못한 일이 일어나는 경우가 발생을 할 수 있게 때문에 민법에서 예외적인 사항을 두어 태아를 보호하기 위한 권리능력을 인정하는 규정을 두고 있다. 하지만 1958년 민법이 제정된 이후 태아의 권리능력에 관한 법률규정이나 해석이 크게 변화하지 못하여 태아를 보호함에 있어서 소홀할 수 있다는 문제점이 대두 되고 있는 것이 현실이다. 따라서 본 논문에서는 보다 태아를 적극적으로 보호할 수 있는 대책을 살펴보기 위하여 현재 우리나라제도에 대한 문제점은 검토하고, 국민의 법 감정과 정서에 맞는 가장 바람직한 태아의 권리보호방안을 제시하고자 한다.

• The Korean Society of Law and Medicine
• /
• v.22 no.4
• /
• pp.117-157
• /
• 2021

This research reviewed the HIPAA/HITECH, 21st Century Cures Act, Common Law, and private Guidances from the perspectives in protecting and utilitizing the medical data, while implications were followed. First, the standards for protection and utilization are relatively clearly regulated through single law on personal medical information in the United States. The HIPAA has been introduced in 1996 as fundamental act on protection of medical data. Medical data was divided into personally identifiable information, non-identifying information, and limited dataset under HIPAA. Regulations on de-identification measures for medical information, objects for deletion of limited data sets, and agreement on prohibition of data re-identification were stipulated. Moreover, in the 21st Century Cures Act regulated mutual compatibility for data sharing, prohibition of data blocking, and strengthening of accessibility of data subjects. Common Law introduced comprehensive consent system and clearly stipulates procedures. Second, the regulatory system is relatively simplified and clearly stipulated in the United States. To be specific, the expert consensus and the safe harbor system were introduced as an anonymity measure for identifiable medical information, which clearly defines the process while increasing trust. Third, the protection of the rights of the data subject is specified, the duty of explanation is specified in detail, while the information right of the consumer (opt-out procedure) for identification information is specified. For instance, the HHS rule and FDA regulations recognize the comprehensive consent system for human research, but the consent procedure, method, and requirements are stipulated through the common rule. Fourth, in the case of the United States, a trust-based system is being used throughout the health and medical data legislation. To be specific, Limited Data Sets are allowed to use in condition to the researcher's agreement to prohibit re-identification, and de-identification or consent process is simplified under the system.